industry
UNLOCKED
EXPERTS SHARE HOW CISOS CAN BOLSTER MANUFACTURING CYBERSECURITY
Four industry experts tell us how CISOs in the manufacturing sector can strengthen their cybersecurity strategies to protect critical systems from emerging threats while maintaining operational efficiency.
Andrew Lintell, General Manager EMEA, Claroty
Trevor Dearing, Director of Critical Infrastructure at Illumio
Andrew Lintell, General Manager EMEA, Claroty
CISOs in the manufacturing sector face a unique challenge when it comes to cybersecurity. With IT and OT becoming increasingly interconnected, the risk of cyberthreats have grown significantly.
As manufacturers embrace automation and smart technologies to drive efficiency, they’ re also creating new vulnerabilities for actors to exploit. Therefore, organisations must strike the balance of increasing efficiency whilst ensuring that cybersecurity doesn’ t slip.
One of the biggest issues in manufacturing is that many OT systems which are used were designed decades ago and lack the security capabilities for today’ s threats. Patching these legacy systems is costly so often goes ignored. As well as this, many cyber physical systems( CPSs) rely on proprietary protocols that don’ t work well with traditional IT security tools. That means getting a clear picture of all the assets in an OT environment can be challenging. Security teams need visibility into all as well as solutions tailored to OT environments.
Another concern is remote access. In manufacturing, this is essential to keep operations running smoothly, but the methods most commonly used, like VPNs and jump servers, come with their own risks. Shared credentials and broad access privileges make it easier for attackers to exploit systems. At the same time, ransomware is becoming an increasingly dangerous threat, capable of halting production, disrupting supply chains and even putting employee safety at risk.
To address challenges of IT and OT integration, a cohesive security strategy is key. The board must take steps to look beyond stereotypes of IT teams being overly cautious and recognise the genuine threats posed by OT security risks.
To strengthen cybersecurity without slowing down operations, CISOs need to focus on achieving full visibility into every CPS in the OT environment. Without knowing exactly what’ s connected, it’ s impossible to secure it. They must also bridge the gap between IT and OT security. Traditional IT security measures often struggle to monitor OTspecific protocols so should be adapted to provide better protection without disrupting production. Secure network segmentation and an effective asset management policy, strengthened by risk-based security controls can help reduce exposure.
Trevor Dearing, Director of Critical Infrastructure at Illumio
Cybercriminals are increasingly targeting the availability of services when they deploy attacks – for example, 62 % of UK organisations had to shut down operations following a ransomware attack.
With the manufacturing sector being heavily reliant on availability, it naturally becomes a target for cybercriminals. Thanks to the convergence of IT / OT systems and the rise of interconnected networks, organisations now face an increased attack surface, exposing gaps that cybercriminals can exploit.
Manufacturers are also vulnerable to supply chain risk. One compromised manufacturer can give cybercriminals access to a broad network of connected suppliers, partners and customers. This
44 WWW. INTELLIGENTCISO. COM